AniNIX/Kapisi
3
0
Fork 0
Code Issues 27 Pull Requests Projects 1 Releases Wiki Activity

AniNIX/Wiki#21 -- effecting renames for policy

Browse Source
This commit is contained in:
DarkFeather
2024-04-01 00:44:23 -05:00
parent 323b4dd306
commit 6f36d515e3
46 changed files with 509 additions and 368 deletions
Download Patch File Download Diff File Expand all files Collapse all files

152
examples/msn0.yml
View File

@@ -1,7 +1,9 @@
all:
vars:
# Environment-wide data
external_domain: aninix.net
external_domain: "aninix.net"
external_subdomains: "cyberbrain foundation irc lykos maat password sharingan singularity superintendent www yggdrasil"
hosted_domains: "travelpawscvt.com"
replica_domain: "MSN0.AniNIX.net"
time_zone: "America/Chicago"
# Services used by all
@@ -19,7 +21,7 @@ all:
ansible_become_method: sudo
ansible_become_user: root
static: false
wireless_ssid: 'Shadowfeed'
wireless_ssid: 'Shadownet'
ansible_python_interpreter: auto_silent
ldap:
server: "10.0.1.3"
@@ -32,66 +34,83 @@ all:
displayname: 'AniNIX'
gpgkey: '904DE6275579CB589D85720C1CC1E3F4ED06F296'
ssl: # Standard SSL cryptographic standards
identity: 'aninix.net-0001' # The Let's Encrypt identity to use
identity: 'aninix.net-0002' # The Let's Encrypt identity to use
ciphersuite: "!NULL:!SSLv2:!SSLv3:!TLSv1:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"
children:
managed:
children:
physical: # 10.0.1.0/28
hosts:
Nazara:
Chappaai:
ipinterface: eth0
ip: 10.0.1.2
mac: B8:27:EB:B6:AA:0C
static: true
Node1:
ipinterface: enp1s0
ip: 10.0.1.5
mac: FA:EC:43:87:4D:2D
tap: true
ups: 'aps'
Node2:
ipinterface: enp1s0
ip: 10.0.1.7
mac: 56:02:ef:2c:1f:7c
tap: true
ups: 'cyberpower'
Node3:
ipinterface: enp1s0
ip: 10.0.1.8
mac: B2:C6:2C:02:B2:6E
tap: true
Nodelet0:
Maker:
ipinterface: eth0
ip: 10.0.1.9
mac: b8:27:eb:9a:73:dd
static: true
k3s_primary: true
Nodelet1:
ipinterface: eth0
ip: 10.0.1.10
mac: E4:5F:01:01:FF:9C
static: true
Nodelet2:
ipinterface: eth0
ip: 10.0.1.11
mac: E4:5F:01:01:FF:D5
static: true
Nodelet3:
ipinterface: eth0
ip: 10.0.1.12
mac: E4:5F:01:01:FF:96
static: true
Nodelet4:
ipinterface: eth0
ip: 10.0.1.13
mac: E4:5F:01:01:FF:E4
ip: 10.0.1.14
mac: B8:27:EB:B6:AA:0D
static: true
children:
Node:
hosts:
Node1:
ipinterface: enp1s0
ip: 10.0.1.5
mac: FA:EC:43:87:4D:2D
tap: true
ups: 'aps'
active_vms:
- Yggdrasil
Node2:
ipinterface: enp1s0
ip: 10.0.1.7
mac: 56:02:ef:2c:1f:7c
tap: true
active_vms:
- DarkNet
- Maat
- Sharingan
- Superintendent
Node3:
ipinterface: enp1s0
ip: 10.0.1.8
mac: B2:C6:2C:02:B2:6E
tap: true
active_vms:
- TDS-Jump
Geth:
hosts:
Geth0:
ipinterface: eth0
ip: 10.0.1.9
mac: 84:16:F9:14:15:C5
static: true
k3s_primary: true
Geth1:
ipinterface: eth0
ip: 10.0.1.10
mac: E4:5F:01:01:FF:9C
static: true
Geth2:
ipinterface: eth0
ip: 10.0.1.11
mac: E4:5F:01:01:FF:D5
static: true
Geth3:
ipinterface: eth0
ip: 10.0.1.12
mac: E4:5F:01:01:FF:96
static: true
Geth4:
ipinterface: eth0
ip: 10.0.1.13
mac: E4:5F:01:01:FF:E4
static: true
virtual: # 10.0.1.16/28
vars:
hosts:
Sharingan:
node: Node2
ip: 10.0.1.16
ipinterface: ens3
mac: 00:15:5D:01:02:10
@@ -106,7 +125,6 @@ all:
# On hold because of https://aninix.net/DarkFeather/MSN0/issues/6
holdpkg: "elasticsearch graylog mongodb44-bin mongodb-tools-bin"
DarkNet:
node: Node2
ipinterface: ens3
ip: 10.0.1.17
mac: 00:15:5D:01:02:05
@@ -118,19 +136,18 @@ all:
- '-drive format=raw,index=0,media=disk,file=/dev/sdb'
wolfpack_config: 'gitea@foundation.aninix.net:DarkFeather/WolfPack-Config.git'
Maat:
node: Node2
ip: 10.0.1.18
ipinterface: ens3
mac: 00:15:5d:01:02:07
cores: 2
memory: 2
bridge: br0
vscan_enabled: true
vnc: 7
disks:
- '-drive format=qcow2,l2-cache-size=8M,file=/mnt/cage2/vm/Maat.qcow2'
Yggdrasil:
node: Node1
ipinterface: enp1s0f0
ipinterface: ens3
ip: 10.0.1.3
mac: 00:25:90:0d:6e:86
static: true
@@ -142,6 +159,7 @@ all:
memory: 16
bridge: br0
vnc: 1
vscan_enabled: true
disks:
- '-drive format=raw,index=0,media=disk,file=/dev/sda'
- '-drive format=raw,index=0,media=disk,file=/dev/sdb'
@@ -151,18 +169,18 @@ all:
vars:
motion_enabled: yes
hosts:
Geth-Hub-1:
Vergil1:
ip: 10.0.1.32
mac: 84:16:F9:14:15:C5
mac: b8:27:eb:9a:73:dd
rotate: 0
remote: NS-RC4NA-14
Geth-Hub-2:
Vergil2:
ip: 10.0.1.33
mac: 84:16:F9:13:B6:E6
motion_enabled: no
rotate: 180
remote: NS-RC4NA-14
Geth-Hub-3:
Vergil3:
ip: 10.0.1.34
mac: b8:27:eb:60:73:68
rotate: 90
@@ -172,8 +190,7 @@ all:
# Both OVA groups are in the same subnet -- test_ovas aren't monitored
ovas: # 10.0.1.48/28
hosts:
Geth:
node: Node2
Superintendent:
ip: 10.0.1.49
mac: DE:8B:9E:19:55:1E
cores: 2
@@ -186,7 +203,6 @@ all:
test_ovas: # 10.0.1.48/28
hosts:
TDS-Jump:
node: Node2
ip: 10.0.1.48
mac: 00:15:5d:01:02:08
cores: 2
@@ -194,7 +210,7 @@ all:
vnc: 4
bridge: br0
disks:
- '-drive format=qcow2,l2-cache-size=8M,file=/mnt/cage2/vm/TDSJump.qcow2'
- '-drive format=qcow2,l2-cache-size=8M,file=/srv/node/vm/TDSJump.qcow2'
DedNet:
ip: 10.0.1.50
mac: 00:15:5d:01:02:09
@@ -248,7 +264,7 @@ all:
# appliances are monitored -- adhoc_appliances are convenience only and not monitored.
appliances:
hosts: # 10.0.1.64/27
Shadowfeed: # Router must be at root
Shadownet: # Router must be at root
ip: 10.0.1.1
mac: 2c:30:33:64:f4:03
Print: # Print is excepted for legacy setup reasons before we laid out subnets.
@@ -267,11 +283,11 @@ all:
hosts: # 10.0.1.64/27
DarkFeather:
ip: 10.0.1.64
mac: D0:40:EF:D4:14:CF
mac: f4:2b:8c:10:31:44
Lykos:
ip: 10.0.1.65
mac: 70:74:14:4F:8E:42
Games:
Node0:
ip: 10.0.1.66
mac: E0:BE:03:77:0E:88
LivingRoomTV:
@@ -283,25 +299,25 @@ all:
TrainingRoomTV:
ip: 10.0.1.71
mac: 80:D2:1D:17:63:10
Tachikoma:
BT:
ip: 10.0.1.72
mac: 90:0f:0c:1a:d3:23
mac: 8A:00:AA:7F:DF:D1
DedSec:
ip: 10.0.1.73
mac: 34:F6:4B:36:12:8F
# dhcp build space: 10.0.1.224/27
iot: # 10.0.2.0/24
hosts:
LinKeuei:
LivingRoomRegulator:
ip: 10.0.2.2
mac: 64:16:66:08:57:F5
Canary:
Monitor:
ip: 10.0.2.3
mac: 18:B4:30:2F:F1:37
Charon:
Gatekeeper:
ip: 10.0.2.4
mac: 64:52:99:14:28:2B
# CanoptekAleph: physical, no network
CanoptekBek:
# CaretakerAlpha has no network
CaretakerBravo:
ip: 10.0.2.5
mac: 40:9F:38:95:06:34